Champion caution over complacency when protecting critical information systemsBy Stuart Dickinson, CEO on
Cybercrime is on the rise. The competitive necessity to innovate, get closer to customers and improve productivity present risks to all enterprises that cybercriminals seek to exploit. It is an indiscriminate threat that affects both large and small organisations across all sectors.
Protecting critical systems and data from the increasing regularity of economic crime should be, if it isn’t already, one of the core mandates for all C level executives. Thankfully much of the risk is avoidable if a cautious, outside-in approach is taken to dealing with potential threats.
PwC’s Global Economic Crime Survey 2016 has revealed that 36% or one in three organisations globally will be affected by economic crime. The most commonly reported types of IT related economic crime are asset misappropriation, procurement fraud and accounting fraud. It’s important to note these numbers aren’t concentrated in any geographic region.
Australia and New Zealand-based companies are not immune. With so much business processing being undertaken online, we are just as vulnerable as organisations located in China or the US. Mobile apps, third-party cloud-based services and BYOD can all put key business initiatives in direct conflict with cybersecurity policies.
So how do you protect your organisation? The truth is there isn’t one particular system or measure that will give you 100% protection, but with comprehensive cybersecurity planning and execution you can significantly lower the risks for your business.
At a governance level the first thing to do is establish plans that address cybersecurity issues at a policy level. While the report from PwC shows that cybercrime affects 32% of organisations, what’s more alarming is that only 37% of organisations currently have a cyber incident response plan. This indicates there’s still a disconnect between the level of risk and the understanding of cybercrime by senior leaders.
Once you’ve achieved buy in from all of your stakeholders, systems and processes must then be put in place to quickly assess and respond to potential threats, and resources allocated to minimise risk and ensure compliance. Your attention should be turned to how your technology settings can enable you to monitor and identify potential risks as well as the actual security breaches themselves.
Adopting an organised array of managed security services for traditional data center, endpoints, identity and network management, as well as additional services to secure applications and next-generation platforms including cloud, mobility, and big data and analytics is a holistic, ‘belt and braces’ approach that will help secure critical data and systems.
Unfortunately, we know from experience that many clients treat their SAP security as an afterthought. That’s why at Oxygen, a DXC Technologies Company we’ve always placed security front and centre in our solutions. Our specialist SAP security consultants are included in projects from design phase through to post go-live support and we also ensure we have specialist security consultants available to support our Managed Solutions customers.
We’ve also developed a tool help to help you review your current security settings and assist with remediation and mitigation. Our SAP Security Healthcheck is adapted to meet your organisation’s needs and can provide you with a clearer view of your security landscape.
The SAP Security Healthcheck is tailored to your requirements, enabling our team to review your current systems, identify any quick wins, identify gaps and areas for improvement, and define a short and long term strategy to enable you to more easily adapt to changes as they occur.